exploitDog

GHSA-mcxf-qmfh-h3pp

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the renamed file in linkphoto/.

Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the renamed file in linkphoto/.

Ссылки

EPSS

Процентиль: 90%

0.05655

Низкий

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2008-6731

nvd

почти 17 лет назад

Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the renamed file in linkphoto/.

EPSS

Процентиль: 90%

0.05655

Низкий

CVE ID

Дефекты

CWE-20